From: Hamid H. <ha...@mo...> - 2006-08-13 10:11:11

Yes, as you know, PHP code runs with the Apache user's permissions, and it
can access all public_html dirs of all sites and view their PHP code. So
imagine that all sites use MySQL + PHP code; then anyone who has access to
one site can access all MySQL databases, and that is really dangerous. I
think the permanent solution is to run PHP for each virtual host as its own
UID! But this matter was discussed before, and you have to run PHP as CGI,
and this is not good for customers. Therefore disabling these commands would
be a workaround.

-Hamid

Jamie Cameron wrote:
> Hi all,
> This change would disable various PHP functions for executing
> commands, which would protect against some PHP security holes I guess
> (such as ones where an attacker can trick PHP into running arbitrary
> code). However, it may also break PHP programs that use these
> functions to run other shell commands... so it isn't something I would
> enable by default for Virtualmin.
>
> - Jamie
>
> On 12/Aug/2006 15:24 Vernon wrote ..
>> Not sure who you are. Jamie, is this still what you are suggesting as well?
>>
>> *---------- Original Message -----------*
>> From: Hamid Hashemi <ha...@mo...>
>> To: Webmin users list <web...@li...>
>> Sent: Sun, 13 Aug 2006 01:45:35 +0330
>> Subject: [webmin-l] Security Advise for Virtuamin users !
>>
>> > Hi,
>> >
>> > Just want to say: please add the following line to your php.ini while
>> > you are running Virtualmin and you have some sites hosted on your server:
>> >
>> > disable_functions = exec,popen,shell_exec,proc_open,passthru,system,stream_select,escapeshellcmd,pcntl_exec
>> >
>> > or run your PHP in safe_mode. BTW safe_mode is not a good choice for
>> > customers.
>> >
>> > --
>> > Regards
>> > =================================================================
>> > / Seyyed Hamid Reza     / WINDOWS FOR NOW !!                   /
>> > / Hashemi Golpayegani   / Linux for future , FreeBSD for ever  /
>> > / Morva System Co.      / ------------------------------------- /
>> > / Network Administrator / ha...@mo... , ICQ# : 42209876       /
>> > ================================================================
>> >
>> > -
>> > Forwarded by the Webmin mailing list at web...@li...
>> > To remove yourself from this list, go to
>> > http://lists.sourceforge.net/lists/listinfo/webadmin-list
>> *------- End of Original Message -------*
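An added check, written for this page and not taken from the thread or from Webmin/Virtualmin: a small parser for the `disable_functions` directive that reads a php.ini the way PHP does for that directive (last assignment wins, `;` starts a comment, double-quoted values allowed) and reports which of the functions from Hamid's list are still callable. The two php.ini texts inside it are constructed samples, not files from any real server; the handling of `[HOST=...]`/`[PATH=...]` sections (skipped, treated as not global) is an assumption of this checker, and the function list is exactly the one posted above, not a judgement on which of those names actually spawn processes.

```python
"""Added example (not from the thread or from Webmin/Virtualmin): check whether a
php.ini actually disables the functions listed in the post.

PHP reads php.ini top to bottom and keeps the last assignment of a directive,
';' starts a comment, and values may be wrapped in double quotes. This checker
mirrors that for `disable_functions` only. Assumption: [HOST=...] and
[PATH=...] sections are not evaluated here, so a directive set inside one of
them is treated as not set globally.
"""

# The function list exactly as posted in the thread.
THREAD_LIST = [
    "exec", "popen", "shell_exec", "proc_open", "passthru", "system",
    "stream_select", "escapeshellcmd", "pcntl_exec",
]

# Constructed sample inputs (not real files from any server).
WEAK_INI = """\
[PHP]
; as shipped: nothing disabled
disable_functions =
safe_mode = Off
"""

HARDENED_INI = """\
[PHP]
safe_mode = Off
disable_functions = exec            ; first attempt, overridden below
; the list from the thread; PHP keeps this last assignment
disable_functions = "exec,popen,shell_exec,proc_open,passthru,system,stream_select,escapeshellcmd,pcntl_exec"
"""


def parse_disable_functions(ini_text):
    """Return the set of function names in the last global
    `disable_functions` assignment, lower-cased; empty set if unset."""
    disabled = set()
    in_conditional_section = False
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1].strip().upper()
            # [HOST=...]/[PATH=...] are per-host/per-path overrides; skipped here
            in_conditional_section = name.startswith(("HOST=", "PATH="))
            continue
        if in_conditional_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() != "disable_functions":
            continue
        value = value.strip('"')
        # last assignment wins, even if it is an empty one
        disabled = {f.strip().lower() for f in value.split(",") if f.strip()}
    return disabled


def still_callable(ini_text, wanted=THREAD_LIST):
    """Names from `wanted` that the ini leaves enabled, in the given order."""
    disabled = parse_disable_functions(ini_text)
    return [f for f in wanted if f.lower() not in disabled]


if __name__ == "__main__":
    for label, ini in (("weak php.ini", WEAK_INI), ("hardened php.ini", HARDENED_INI)):
        left = still_callable(ini)
        print(f"{label}: " + ("all listed functions disabled" if not left
                             else "still callable: " + ", ".join(left)))
```

Two caveats when using this on a real host. First, `disable_functions` is a PHP_INI_SYSTEM directive, so a script cannot turn it back on with `ini_set()`, but an Apache `php_admin_value disable_functions ...` in a virtual host block does override php.ini for that host; this checker reads only php.ini, so check httpd.conf separately. Second, the directive only blocks calling the named functions; it does nothing about the problem Hamid describes above, where PHP running as the shared Apache user can read every site's files and database credentials through ordinary file access, which is why he calls it a workaround rather than a fix.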